Add context parameter for authenticators #126
Conversation
A fresh Rails 4.2 install includes sass-rails 5.0.3, which clashes with CASino's requirement of sass-rails 4.x
Sometimes a login might require more information than just a username and password, in these cases the extra info can be pased to the authenticator via the context parameter as a Hash.
|
@meanphil This is exactly what I just worked on and came up with the same solution. However, I think there needs to be a way to build a context object server-side. I'm still devising a way to do that -- likely a CASino config option to specify a |
|
@meanphil I've sent a PR (meanphil#1) to your fork so you can review/merge and update this PR |
Add configurable context when validating credentials
| @@ -23,6 +23,10 @@ def current_user | |||
| tgt.user | |||
| end | |||
|
|
|||
| def current_authenticator_context | |||
| CASino.config.authenticator_context_builder.call(params, request) | |||
There was a problem hiding this comment.
What is the suggested approach to set CASino.config.authenticator_context_builder?
There was a problem hiding this comment.
@pencil it's very simple -- your "builder" returns an object that is used by your custom authenticator. In my case, I just need to get the host of the request, so that I can look up specific records segmented by the current hostname (or domain name or subdomain name). In my case, I return a Hash such as {host: request.host}. I could look at headers, request parameters, or other places to get more data about the request that may be relevant to my authenticator (particularly in a multi-tenant setup, where the database is segmented based on something like the domain name).
There was a problem hiding this comment.
I was more thinking about: How is the config option set? Options are currently loaded from the cas.yml which in this case will not work (since it has to be a Proc). Is the suggested approach to set this specific option in an initializer?
There was a problem hiding this comment.
@pencil we could have a authenticator_context_builder_class option that is "constantized" and set to the authenticator_context_builder property. The class would simply need to have a call method on it.
Of course, we could create a default constant class that parses config options and does something like refer to request properties, but that gets very complicated and also requires specific opinions about what the context does or consists of. We should keep it to declarative procs or classes.
Thoughts?
|
@pencil can this be merged in? |
|
@pencil can this be merged? Are you still maintaining this project or accepting contributions? |
Hi there,
When logging in my users I also need a parameter for which country they want to log into. Instead of just adding a third parameter called country and keep it as a local branch I thought I'd make it more generic in the hope you'd merge this into CASino?
Anyway, I've added a third parameter to authenticators' #validate method called context, which could just be a Hash or really any data that's specific to the particular authenticator class you're using.